
Conti Ransomware

Overview Packed Sample: https://bazaar.abuse.ch/sample/03b9c7a3b73f15dfc2dcb0b74f3e971fdda7d1d1e2010c6d1861043f90a2fecd/ Unpacked Sample: https://bazaar.abuse.ch/sample/d3c75c5bc4ae087d547bd722...

Reversing WarZone Rat

Description WarZone is a Remote Access Trojan (RAT) that is sold on a publicly available website, as a Malware-as-a-Service. MD5: 48FF98ED6AE74DA9C1FEF59B40699BAE SHA256: 4537FAB9DE768A668AB4E72A...

Yametekudasai

This is the official writeup for the reverse engineering challenge YameteKudasai from Backdoor CTF 2022. First of all, let’s try to understand the working of the program. Step 1 -> Generating ...

Welkerme

Attachments: welkerme.tar.gz, compress.sh First of all, let’s have a look at the source code of the driver. #include <linux/cdev.h> #include <linux/fs.h> #include <linux/kernel.h...

Strvscstr

Attachments: chall, main.cpp So, this was an interesting challenge on C++ pwn from Cake CTF. This was the first time I tried my hand at C++ pwning. First of all, let’s have a look at the secu...

REvil Ransomware

REvil or Sodinokibi ransomware is a powerful ransomware that encrypts files. It uses advanced encryption techniques and can operate without connection to control servers. So, let’s get started ...

Ezorange

Attachments: ezorange, libc.so.6, ld-2.32.so EzOrange was an interesting heap exploitation challenge from vsctf 2022. This challenge uses libc-2.32. There are two options, Buy an orange and Modi...

Kernel root exploit via UAF and fork()

Hey everyone! This post throws some light on spawning a root shell by exploiting a simple UAF. First of all, let’s have a look at the cred struct. struct cred { atomic_t usage; #ifdef CONFI...